The IT industry is often described as “dynamic”. That is to say, constantly changing, and evolving. There is always a “flashy new thing” to grab our attention and distract us. That may be the case when it comes to data storage. With relatively new and flashy things like SSDs, who’s had the time to pay attention to good old tape technology and the its role in ransomware protection?
Actually, lots of big data managers have been paying very close attention to tape technology these days. The largest active archives and archival cloud services on the planet are based on modern generations of tape storage. For everyone else, there is a killer app that is rapidly raising awareness for good old tape and that is ransomware protection.
Leveraging the low data storage cost, removability and portability of today’s highly advanced tape technology turns out to be a great way to get copies of mission-critical data offline and offsite for the inevitable day when cyber criminals take control of an organization’s network and demand a hefty ransom payment.
As National Cybersecurity Awareness Month is upon us, it is worth reviewing the cybersecurity advice and best practices recommended by the government, regulatory agencies and insurance companies. So here are five reasons why data tape backups should be part of every organization’s cyber security and ransomware protection plans:
Granted, this would have been more exciting if entitled “Surfs Up”, nevertheless the Biden administration’s Shields Up notice of 2022 advises organizations to maximize their resilience to a destructive cyber incident by storing backups offline. It says:
“Test backup procedures to ensure that critical data can be rapidly restored if the organization is impacted by ransomware or a destructive cyberattack; ensure that backups are isolated from network connections.”
The FBI and its partners from CISA, DHS, and others echo these sentiments in their list of five best practices to minimize ransomware risks:
a. Backup your data, system images, and configurations, test your backups, and keep backups offline
b. Utilize multi-factor authentication
c. Update and patch systems
d. Make sure your security solutions are up to date
e. Review and exercise your incident response plan
Most recently, the U.S. Securities & Exchange Commission (SEC) released a rule aimed at increasing the consistency of how cybersecurity information is disclosed to investors and the public. It requires publicly traded companies to reveal cybersecurity incidents within as little as four business days and lays out annual reporting requirements for cybersecurity preparedness. One clause requires organizations to explain their business operations processes, if any, for assessing, identifying, and managing cybersecurity threats and how the board and top management provide cybersecurity oversight.
Companies will, no doubt, go to great lengths to look as good as possible in these disclosures as they will be scrutinized by investors. Failure to demonstrate a responsible and thorough approach to cybersecurity could result in lawsuits from investors and regulators if their safeguards are found inadequate. Based on FBI and Federal Shields-Up notifications, the storage of backups offline should be an essential element of any effort to minimize cybercrime risk.
Getting a cyber insurance policy does not simply transfer risk from the insured party to the insurance company. A policy does not replace the need for good cybersecurity infrastructure and policies.
Engaging an insurance company to get cyber insurance will require demonstrating that best practices are in place to defend the organization from cyber threats. The first thing an underwriter will want to know is: Do you perform regular backups and store them in a secure off-site location? In other words, organizations need to have their ransomware protection best practices in place or an insurance policy might be denied or will be simply cost prohibitive.
There are all kinds of cloud storage solutions being proposed that seek to isolate data from ransomware and other threats. However, anything stored in a cloud environment is connected to the network and thereby leaves it vulnerable to unauthorized access and infection from ransomware hackers.
There have been several instances of cloud service providers being targeted by ransomware attacks. These attacks typically aim to encrypt the data stored on the provider’s servers, demanding a ransom in exchange for the decryption key.
If an organization deals with highly sensitive or confidential data, such as financial records, personal health information (PHI), or intellectual property, it might prefer on-premises automated tape systems with the ability to keep copies offline and offsite.
Likewise, industries subject to strict regulatory requirements, such as healthcare or financial services, may prefer on-premises storage to ensure compliance with data handling and storage regulations. On-premises storage allows organizations to maintain compliance through direct oversight of their data including offline and offsite backup copies for ransomware data protection.
In terms of ransomware backup protection, a tape air gap is clearly the most secure way in which to secure data from internet-based dangers. Only a tape archive solution physically safeguards data from internet threats in compliance with government and regulatory recommendations. If that data is properly scanned prior to being backed up or archived to ensure it is free of infection, it offers certainty that a corruption-free copy of data exists. In the event of a ransomware attack, an organization can confidently fall back on a reliable copy of its data – and avoid any ransom demands. And this comprehensive data protection strategy is far less costly than a C-suite executive would think.
Consultant and TCO economics expert Brad Johns has studied the cost of storing one PB with 25% annual growth rate over 5 years and 10 years using the latest generation 18.0 TB LTO-9 cartridges with a 2.5:1 compression ratio, yielding 45 TB per cartridge. Included in the analysis is the cost of hardware acquisition (a 3U rack-mountable auto loader, two tape drives, and tape cartridges), a 5-year extended warranty, energy usage over the five years, offsite vaulting costs, and system management of 1 PB of mission-critical data on physical tape and then stored offsite. Johns estimates that just
23 LTO-9 cartridges would be needed to store 1 PB initially. He came up with the price tag for 5 years at only $60,000, a minimal expense compared to the potential millions in ransomware demands being paid today.
While IT pros want the flashy new thing to be sure, it’s good to know there are tried and true solutions like today’s modern tape systems to safeguard data from potential threats and flashy new criminals like ransomware hackers.